General

  • Target

    e87f4aac9007406685d0e98e47e91d10424d8560fa8020511718ce7c03c9f2ce

  • Size

    1.4MB

  • Sample

    230801-kawtdsee67

  • MD5

    4bc71907f53b250dfda873e4cebf7b67

  • SHA1

    45fbaa6a08a1744a0e68009d5348cf16c90b981d

  • SHA256

    e87f4aac9007406685d0e98e47e91d10424d8560fa8020511718ce7c03c9f2ce

  • SHA512

    bac81ab2f8948ee3f3ca0b70c3e8823d877a2cf28b8a8efadf18aee03b5e35df530dd404dfae32a1a4ddaadf39662a92c43abf574f4bca3e79282b99376c6304

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Modifies Windows Firewall

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application
